UBS relies on a unique system that requires personal identification details: agreement number, personal identification number (PIN) and Access Card.

The challenge-response authorization method is used for logging into UBS Online Services – UBS e-banking and UBS Mobile Banking. A new access code is generated for each login and is only valid for a short period of time. Your access data are protected on your Access Card and cannot be seen by third parties.

Thanks to this secure identification system, you enjoy special protection as a client of UBS Online Services.

When entering a payment to a new beneficiary, an additional check is carried out to prevent payments from being manipulated by criminals. At the moment, this can only be done in UBS e-banking.

Heartbleed is a software bug which has arisen in certain versions of the Open SSL encryption technology commonly used worldwide (cf. Wikipedia). However, UBS Online Banking Services have never used the versions of OpenSSL affected by Heartbleed. This means that the security of UBS e-banking, UBS Mobile Banking and UBS Connect have not been compromised by the bug in question at any time. Therefore there is no need for our customers to take any action.

As a general rule, if you consider a situation to be unusual, refuse to disclose your personal security details or to use the Access Card and card reader. In such a case, contact the support as soon as possible. Phone +49-69-2179 2211.

Confirming beneficiaries is an additional security solution for online payment transactions that prevents payments from being manipulated by criminals. A one-time additional check is required when making a payment to a new beneficiary. This can only be done in UBS e-banking.

UBS supplies a certificate upon connection. The browser uses the certificate to determine that you are actually connected to UBS's security server. You can verify the authenticity of this certificate yourself by comparing the fingerprint.